Basic input/output system (BIOS) software is low level software used to boot up (i.e., perform boot operations such as loading and starting an operating system (OS), testing hardware, and the like) and perform low level operations in a computer system. BIOS (or analogous low level software) may be implemented using the Unified Extensible Firmware Interface (UEFI) open source standard (e.g., UEFI Specification Version 2.4, available at www.uefi.org/specs/), which is a specification that defines a software interface between an operating system (OS) and platform firmware (a combination of persistent memory and program code and data stored in the persistent memory). UEFI includes components called UEFI variables, which are used in UEFI Secure Boot techniques. UEFI variables are used to save MRC (Memory Reference Code) configuration data, PCH (Platform Control Hub) configuration data, SA (System Agent) configuration data, keys, and the like. UEFI Secure Boot techniques are standardized (e.g., UEFI 2.3.1c specification) and some UEFI techniques are implemented in open source arrangements (e.g., edk2.sourceforge.net).
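As an added example (not part of the original text or of any UEFI implementation), the following Python decodes UEFI variable images in the layout Linux exposes through efivarfs (a 4-byte little-endian attribute word followed by the variable data) and uses the standard Secure Boot variables (`SecureBoot`, `SetupMode`, `PK`) to report whether a platform is actually enforcing signed boot. The attribute bit values are those defined in the UEFI specification for `SetVariable()`; the sample variable images are constructed for the example, and the `PK` payload is a placeholder rather than a real `EFI_SIGNATURE_LIST`.

```python
"""Decode efivarfs-style UEFI variable images and summarise Secure Boot state.

Added example, not code from the original page. Assumes the efivarfs file
layout (4-byte attribute word, then data) and the UEFI SetVariable
attribute bit values. Sample images below are constructed, not captured.
"""
import struct

# Attribute bits from the UEFI specification (SetVariable attributes).
EFI_VARIABLE_NON_VOLATILE = 0x01
EFI_VARIABLE_BOOTSERVICE_ACCESS = 0x02
EFI_VARIABLE_RUNTIME_ACCESS = 0x04
EFI_VARIABLE_HARDWARE_ERROR_RECORD = 0x08
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS = 0x10
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS = 0x20
EFI_VARIABLE_APPEND_WRITE = 0x40

ATTRIBUTE_NAMES = {
    EFI_VARIABLE_NON_VOLATILE: "NON_VOLATILE",
    EFI_VARIABLE_BOOTSERVICE_ACCESS: "BOOTSERVICE_ACCESS",
    EFI_VARIABLE_RUNTIME_ACCESS: "RUNTIME_ACCESS",
    EFI_VARIABLE_HARDWARE_ERROR_RECORD: "HARDWARE_ERROR_RECORD",
    EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS: "AUTHENTICATED_WRITE_ACCESS",
    EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS: "TIME_BASED_AUTHENTICATED_WRITE_ACCESS",
    EFI_VARIABLE_APPEND_WRITE: "APPEND_WRITE",
}

# Either authenticated-write bit means the firmware only accepts signed updates.
AUTH_MASK = (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
             | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)


def parse_efivar(blob: bytes):
    """Split an efivarfs file image into (attributes, data)."""
    if len(blob) < 4:
        raise ValueError("efivarfs image shorter than the 4-byte attribute word")
    (attrs,) = struct.unpack_from("<I", blob, 0)
    return attrs, blob[4:]


def attribute_names(attrs: int):
    """Human-readable list of the attribute bits that are set, lowest bit first."""
    return [name for bit, name in sorted(ATTRIBUTE_NAMES.items()) if attrs & bit]


def is_authenticated(attrs: int) -> bool:
    """True when writes to the variable require a signed authentication descriptor."""
    return bool(attrs & AUTH_MASK)


def assess_secure_boot(variables):
    """variables: mapping of variable name -> raw efivarfs image.

    Returns a summary dict; an empty 'findings' list means the platform is
    enforcing Secure Boot with an authenticated, non-empty Platform Key.
    """
    parsed = {name: parse_efivar(blob) for name, blob in variables.items()}
    findings = []

    def flag_byte(name):
        # SecureBoot and SetupMode are single-byte flags; missing counts as unset.
        if name not in parsed or not parsed[name][1]:
            return None
        return parsed[name][1][0]

    secure_boot = flag_byte("SecureBoot") == 1
    setup_mode = flag_byte("SetupMode") == 1
    if not secure_boot:
        findings.append("SecureBoot is absent or 0: image signature enforcement is off")
    if setup_mode:
        findings.append("SetupMode is 1: key databases accept unsigned writes")

    pk_present = pk_authenticated = False
    if "PK" in parsed:
        pk_attrs, pk_data = parsed["PK"]
        pk_present = len(pk_data) > 0
        pk_authenticated = is_authenticated(pk_attrs)
    if not pk_present:
        findings.append("PK (Platform Key) is missing or empty")
    elif not pk_authenticated:
        findings.append("PK lacks an authenticated-write attribute")

    return {"secure_boot": secure_boot, "setup_mode": setup_mode,
            "pk_present": pk_present, "pk_authenticated": pk_authenticated,
            "findings": findings}


# Constructed sample images (not captured from real firmware).
ENFORCING = {
    "SecureBoot": struct.pack("<I", 0x06) + b"\x01",
    "SetupMode": struct.pack("<I", 0x06) + b"\x00",
    # NV | BS | RT | TIME_BASED_AUTHENTICATED_WRITE; payload is a placeholder.
    "PK": struct.pack("<I", 0x27) + b"\x00" * 16,
}
SETUP_MODE = {
    "SecureBoot": struct.pack("<I", 0x06) + b"\x00",
    "SetupMode": struct.pack("<I", 0x06) + b"\x01",
}

if __name__ == "__main__":
    for label, image_set in (("enforcing", ENFORCING), ("setup-mode", SETUP_MODE)):
        print(label, assess_secure_boot(image_set))
```

On a live Linux system the same images are the files under `/sys/firmware/efi/efivars/` (name followed by the variable's vendor GUID); the checker above reads them as bytes and never writes, which is the appropriate posture for a compliance or inventory script.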
A Trusted Platform Module (TPM) is a hardware device that is a secure micro-controller/cryptoprocessor with added cryptographic functionalities. It works with supporting software and firmware to prevent unauthorized access to a computing node. The TPM contains a hardware engine to perform encryption/decryption. The TPM uses its built-in encryption engine during digital signing and key wrapping operations.
Despite the availability of advanced boot up software protocols (e.g., UEFI Secure Boot) and secure cryptoprocessors (e.g., TPMs), malware and similar threats still stand in the way of truly trusted computing.